Securing Your Mission Critical Data in Storage

Security is top of mind for storage professionals and their CIOs today. As enterprises look for ways to maximize storage efficiency, performance and capacity, keeping data safe from both hackers and rogue employees, is vital. For cyber criminals, storage is a major target as this is where the sensitive, mission-critical, and most other data is available.

So how do you keep your storage secure? Encrypting your data is the foundation to protecting your assets. But what else can you do to ensure seamless access for authorized users, while keeping everyone else out? Find out more in this interactive presentation.

For many organisations, it will be a legal requirement to have a Data Protection Officer. Even if you may not have a legal requirement, it will be useful to have a person responsible for Data Protection.

Join this presentation to learn more about:
- Challenges faced by organisations on deciding whether they should have a DPO
- How to choose a DPO (full time or consultant)
- The expectations from the role

GDPR requires organizations to identify, classify, and protect personal information, but how do you prepare and protect against a possible breach if you don't know what data you have, where it lives, or how it's classified?

Data protection has always been important, but with the GDPR deadline looming and data sharing scandals shaking consumer confidence, securing personal data has never been more vital. The GDPR is leading businesses across the world to evaluate, and in many cases modify their data processing activities in line with upcoming law.

So what if you’ve left it too late? What are the key steps you can take to work towards GDPR compliance, even after deadline day?

Join us in this webinar with Alex Jordan, Senior Analyst at the Information Security Forum as he shares:

-The ISF’s phased approach to GDPR implementation
-Ways to determine the criticality of data and how to protect it appropriately
-The urgent actions that a business can take to get GDPR compliance started
-Common myths surrounding the GDPR, and guidance on cutting through the noise.

Join this expert panel as they discuss their thoughts and predictions for the remainder of 2018 and beyond about how the cybersecurity arena is impacting, and is impacted by, human and workforce behavior, machine learning, threats and procedures, software assurance, supply chain risk, and more.

The General Data Protection Regulation (GDPR) is a key legislation going into effect in May that it will affect all organizations that handle, store or pass through data of EU citizens.

Join this panel of Governance, Risk, Compliance and Security experts for an interactive Q&A as they discuss the importance of being GDPR-compliant:
- What GDPR means for cyber security
- GDPR requirements around data collection and governance, exposure and breach disclosure
- Evaluating your cyber risk
- Recommendations for achieving compliance post-deadline day
- Other regulation on the horizon

The Nation has an ever-growing need for cybersecurity professionals who can protect our networks and infrastructure from increasing cyber threats and attacks. According to a study by the Center for Cyber Safety and Education, there will be a shortage of 1.8 million information security workers by 2022. Building a skilled and agile cybersecurity workforce to fill these positions is a national challenge.

To address the shortage of skilled workers, it is critical for all communities to work together to coordinate cybersecurity awareness, education, training, and workforce development efforts. Current initiatives across the Federal Government help advance the cybersecurity workforce, particularly through training and professional development. The Department of Homeland Security (DHS) is leading such efforts through its Cybersecurity Education and Awareness (CE&A) Branch.

We will also share information about our Stop. Think. Connect.™ campaign to help promote safe online behavior. Stop. Think. Connect.™ resources provide partnership opportunities to academic institutions, government agencies/departments, as well as non-profit organizations.

Join this webinar to learn:
1. How to find CE&A awareness, education, and workforce development resources
2. How to use National Cybersecurity Workforce Framework (NCWF) tools
3. How to partner with our Stop. Think. Connect.™ Campaign

This webinar is part of ISSA's Security Education and Awareness Special Interest Group Webinar Series.

The United States spent around $3.5 trillion or 18% of GDP on healthcare. According to FBI, the amount of this spending lost due to fraud, waste, and abuse (FWA) ranged between $90 billion and $330 billion!

This talk will offer practical advice on how to effectively organize and join various healthcare data sources such as claim and clinical data, how to set-up the problem, and how to design an effective machine learning solution to identify FWA leads and expedite investigator review using intuitive visualization to understand the risk factors contributing to those leads.

Payment fraud prevention tools have existed since the end of the 90s and have improved continuously since. In the last 2 to 3 years we have seen a new paradigm come into the space - machine learning.

This new technology is perfectly fitted for identifying fraud and is slowly being adopted by the market. Moving forward, using tools like this will no longer be a choice but rather an obligation for merchants. An obligation, as it will be at the origin of a competitive advantage which goes way beyond fraud prevention and will bleed into business intelligence fields.

In this session, Rodrigo Camacho, CCO at Nethone will walk you through the evolution fraud prevention touching on the following key points;

How the problem is solved by a large part of the industry today
The revolution that is happening in the space today
The halo effect that this revolution is going to have on the rest of business processes

Open Data is somewhat of a misnomer. For data sharing to take place, privacy must come first. As such, GDPR represents the essential rules of engagement without which the game of PSD2 cannot take place.

Rather than signalling an era of 'free love' between service providers and platforms, PSD2 and the API revolution mean that businesses and service providers must now be more secure than ever when it comes to user data.

In this session, Soldo's founder, Carlo Gualandri, explains how Soldo has responded to the regulatory environment by building a proprietary in-house GDPR-compliant machine to ensure privacy by design.

Tune in for an interactive discussion with cloud and security experts on the key trends shaping enterprise cloud strategy, explore the latest technological advancements, and discover how to better secure your critical data and workflows in the cloud.

In the last six months, crypto-mining malware and crypto-jacking have taken center stage in cybercrime news. We’ll discuss the most recent events and see how this links to ransomware, which dominated the cybercrime news last year, where one outbreak cost seven companies over one billion dollars.

Both crypto-mining malware and ransomware, aside from gathering headlines, demonstrate that cybercriminals and nation state actors are building capabilities for worming malware that could have the ability to do far greater damage than has yet been seen.

Come to this talk, learn what’s been going on, where it’s likely going, and how to avoid being a victim of a headline-generating event.

About the Speaker:
Jay Beale created two tools used by hundreds of thousands of individuals, companies and governments, Bastille Linux and the Center for Internet Security’s first Linux/UNIX scoring tool. He has led training classes on Linux security at the Black Hat, CanSecWest, RSA, and IDG conferences, as well as in private corporate training, since 2000. As an author, series editor and speaker, Jay has contributed to nine books and two columns and given more than one hundred public talks. He led the development of the Linux security standard for the Center for Internet Security, served on the board of Mitre’s OVAL project, and serves as a member on the O’Reilly Security Conference’s program committee.

He is a co-founder, COO and CTO of the information security consulting company InGuardians, a leading information security consultancy with offices in Seattle, Boston, Chicago, Dallas, Atlanta and Washington, DC.

In this webcast, attendees will learn:
· Who is CIS? How the CIS Benchmarks remove guesswork for security professionals?
· What is CIS Azure Foundations Benchmark? Why Azure decided to use CIS Foundations Benchmark?
· How audit teams can consistently evaluate the security of Azure Subscriptions, reducing complexity in managing risk when using Azure for critical, regulated systems
· How these security checks can be seamlessly integrated into an organization’s security and audit ecosystem with an array of security tools and solutions.

CIS Benchmarks have been the de facto standard for prescriptive, industry-accepted best practices for securely configuring traditional IT components. The release of the CIS Azure Foundations Benchmark into this existing ecosystem marks one of many milestones for the maturation of the cloud and its suitability for sensitive and regulated workloads.

Endpoint security represents the frontline in your fight against cybercriminals. Despite the relative maturity of the endpoint security market, new threats and evolving attacker capabilities have proven traditional approaches inadequate - and left organizations exposed.

Guest speaker Forrester Senior Analyst Chris Sherman and Nyotron's Senior Director of Product Management Rene Kolga will discuss the current state of endpoint security while highlighting a path forward for organizations looking to re-focus their strategies to combat current threats.

Cyber has become a strategic issue and for many companies is now a business enabler and increasingly a form of competitive advantage. However it is clear that it remains difficult for Board's to get the “right” management information to support their cyber risk discussions and decision making.

So how can Board's ensure that they are asking the right questions when it comes to an organisation’s cyber posture and how can CISOs maintain and improve the Board’s attention in this fast-moving space? This webinar will look at the challenges faced by CISOs and Board members and offer insights into how to successfully approach cyber security at Board level.

About the presenter:
Steve Durbin is Managing Director at the Information Security Forum (ISF). His main areas of specialism include strategy, information technology, cybersecurity and the emerging security threat landscape across both the corporate and personal environments.

Rob Shapland is an ethical hacker with 9 years’ experience conducting penetration tests for hundreds of organisations, from small businesses to major international organisations.
He specialises in simulating advanced cyber attacks against corporate networks, combining technical attacks with his other hobby of dressing up and tricking his way into company headquarters using social engineering techniques.
He is also a regular speaker at events and conferences around Europe, and has appeared on both BBC and ITV as a cyber security adviser. He holds qualifications from SANS, Offensive Security and CREST, and has been trained in social engineering techniques by Chris Hadnagy, one of the world's leading practitioners and researchers.

This webinar will provide an in-depth review of how software-defined wide-area network or SD-WAN can be used to:
- Improve your cyber security posture and reduce the chances of a breach
- Decrease your detection time to reduce the hackers time in your network and reduce response costs
- Use dynamic segmentation to prevent the spread of a breach, thus reducing financial impact

About the Presenters

Jack Miller, CISO, Open Systems

Jack Miller is a well know cybersecurity veteran with over 16 years of CISO experience at 4 multi-billion dollar organizations. He currently serves as the Chief Information Security Officer for Open Systems, Switzerland’s largest Secure SDWAN and Cloud delivered Security-As-A-Service solution provider.

Martin Bosshardt, CEO, Open Systems

Martin Bosshardt has been CEO of Open Systems AG since 2002. Martin Bosshardt studied at the ETH in Zurich and Todai University in Tokyo. He has a master's degree in electrical engineering from the Swiss Federal Institute of Technology (ETH). In 2011, Martin Bosshardt was awarded with the SVC Entrepreneurs Award. Since 2013, he has been a member of the Advisory Board of PwC Switzerland.

Small businesses are the low-hanging fruit of the cybercrime world. Operating a small business is tough work and requires the small business owner to be skilled in many areas of business, finance, tech, customer service, sales, fulfillment, and so on. Cybersecurity is only a part of what SMB owners needs to know about in order to successfully run their business. However, the cybersecurity portion is often overlooked. As hackers and attackers are looking for people to scam and steal from, they look for the easiest targets first.

In this webinar, audiences will learn more about:
- The risks and real costs of ignoring your data security
- How it can cause you to go out of business
- Simple steps to take immediately to help improve your security

Be sure that you have a good grip on understanding what you need to do when it comes to protecting your small business from these threats.

And as an added bonus, you'll receive some valuable resources that you'll be able to use in the future as you discover, plan, and implement new security strategies in your own small business. Be #SmallBizCyber smart about your small business!

You probably spend enough on cyber security. Leadership and analysis can achieve more than additional spending.

Technology and services will continue to improve and evolve, but the total spend by companies does not need to grow to counter new threats. Damrod provides an analytical toolkit based on military principles to understand, assess, and defend against cyber-attack.

This presentation focuses on treating cyber as conflict and countering an attacker through better tactics to achieve a better defense.

About the Speaker:
Griff is trained as a Canadian Infantry Officer and is a holds a Master’s Degree from the LSE. Unable to find “real” work, he got into software development as a Scrum Master, leading the development of a web based application. This experience fostered an interest in cybersecurity, and Griff went on to a boutique start-up providing application security to Fortune 500 companies. Frustrated by the disconnect between technologies and poor analysis within cyber security, Griff founded cyber defense firm Damrod Analysis in 2017.

With data breaches on the rise, enterprises worldwide are looking to implement better technologies and processes for faster breach detection and response, as well as train all employees to be cyber aware.

Join this interactive Q&A panel to learn more about:
- Key factors for building a successful CISO strategy
- Why breach prevention matters
- True costs of breaches
- Technological solutions to consider for a more cyber resilient enterprise
- How AI/machine learning and human talent can work together
- Top threats to look out for in 2018

As an experienced Ethical Hacker I have worked on both the offensive and the defensive side of cybersecurity to help my clients become more resilient to cyber attack. I have designed and executed various simulated attacks, and incident response exercises based on feasible scenarios and from actual experiences in helping clients respond to data breaches. The one question, asked consistently throughout much of my career has been: “how much does it cost?”

We see in the media, organisations who’ve suffered a breach costing thousands, millions, even hundreds of millions – but where do these values come from?

In this session, I will walk you through the true cost of a data breach, including the hidden costs which you may not realise until an incident occurs.

This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.